Advisory Consulting Make information work to your advantage.* Help reduce operating costs, respond to competitive pressures, and improve collaboration. pwc.com *connectedthinking (Year) PwC copyright statement here.
Table of contents Transform data from a hindrance into a helper 1 Adopt a data governance program to establish ownership, responsibility, and procedures for enterprise data 2 Advantages of effective data governance 3 Making the business case for data governance 5 The first steps toward data governance 7 Managing security 12 What this means for your business 14
Transform data from a hindrance into a helper In today s fast-paced business world, companies must make informed business decisions in less time than ever before. Your organization faces increasing pressure to improve value, accountability, performance, and quality (while reducing risk) to meet the demands of stakeholders, customers, employees, and the government. The economic climate exacerbates demands to cut costs, improve efficiency, and improve revenue. In this difficult environment, businesses need to predict trends, react quickly to market changes, and respond to competitors. Yet many organizations still struggle to provide executives, managers, and staff with the precise information they need to make smart, timely decisions. Without reliable and accurate data, decision-makers must pass decisions up the chain of command, set aside other work while they collect their own data, or make judgments based on questionable information all of which can slow a company s progress and jeopardize its chances for success. Your company can avoid these pitfalls by harnessing the data your company collects and creates, and using it effectively to achieve business objectives. Your organization may achieve: Greater insight and innovation from enterprise information More accurate sales forecasts Increased security and privacy of data Improved operational efficiency Greater confidence in enterprise data for better, faster decision making Information is one of your company s greatest assets. Yet to realize the greatest benefit, it needs procedures, standards, and controls to help collect, process, and distribute data efficiently and securely. It also needs to promote a culture that makes everyone responsible for collecting data; sharing information; and understanding quality, security, and content standards. 1 PricewaterhouseCoopers
Although most discussions about data management start with IT, the entire enterprise must ultimately accept the responsibility for it. PricewaterhouseCoopers (PwC) can help your company derive more value from its data. Our professionals have worked with many clients to develop and implement solutions to align with short- and long-term business goals. Adopt a data governance program to establish ownership, responsibility, and procedures for enterprise data Data governance recognizes the value of information as a corporate asset, and creates the formal policies, oversight, standards, and measurement controls that enable companies to safeguard data and leverage it across the enterprise. An effective data governance program, designed to help manage data appropriately and securely throughout your enterprise should address the business processes used to collect, analyze, and disseminate information. Such a program can help an organization eliminate errors, create opportunities for automation, reduce duplicative efforts, and decrease reliance on manual data entry. Through effective data governance programs, companies achieve: Increased security for data and information Lean data processes for reliable data, more quickly, and at a lower cost Standard data definitions for enterprise consistency and greater business adaptability Better data integration across applications for operational needs Increased confidence in the use of enterprise data for decision making 2 PricewaterhouseCoopers
A data governance program should address polices and processes for data management, systems monitoring, staff monitoring, and change communication. The goal of a strong data governance model is to instill collaboration among your business units and IT teams for the good of the organization rather than a single department. Together, business and IT share responsibility for understanding and resolving data management problems; and both share the responsibility for understanding your data management problems and working together to correct them. Data governance is usually managed by a crossfunctional team responsible for resolving data conflicts both within and across functional boundaries. The data governance group is also responsible for developing and enforcing policies and procedures for the use and technical management of data across the enterprise. An effective data governance program supports the ability to accurately plan, measure, and monitor data quality at predetermined levels of acceptability. A data governance model may focus on one or more objectives, including business intelligence, firm wide data quality, security, data warehousing, and IT portfolio management. Advantages of effective data governance How can an effective data governance program benefit your organization? Reduce operational costs. A well-designed data governance plan can improve your company s efficiency by eliminating duplicative processes and manual steps related to data input, processing, analysis, and distribution. Streamlined data management processes, enterprise-wide standards, and quality controls provide a framework in which organizations can save money and increase efficiency. Time and money currently spent reconciling data or identifying and fixing database problems can be invested elsewhere. 3 PricewaterhouseCoopers
Competitive advantage. Decision-makers need timely, useful information to react to market conditions, respond to client and customer needs, deliver valuable products and services, and drive success. But when a company operates without a data governance program, every function sets it own rules, policies, and standards for collecting and distributing information. This content may be fractured in incompatible formats among several databases, which can make it difficult for decision-makers to see what is happening across their organizations, prevent the development of real-time dashboards, and hinder the ability to perform comparisons. Consistency across the enterprise. Multiple databases containing conflicting information about customers, products, pricing, and other critical information create confusion and present myriad problems. Consider these examples: A chief operations officer wants to invest $3 million in new production equipment, but the production data is incomplete and sales forecasts are erroneous. Sales representatives approach a major customer with an opportunity to invest in a significant upgrade, but they don t know that the customer s existing equipment isn t compatible with the new technology because they can t access records about the client s purchase history. The marketing staff has difficulty evaluating the performance of a targeted campaign because it cannot easily compare information between the sales and customer databases. Customer service representatives frequently must place callers on hold because information about products and solutions are stored on different databases, each with its own interface. Most of these common roadblocks could be avoided through an effective data governance program, which can support a single, centralized repository for company information. 4 PricewaterhouseCoopers
Increased business user confidence. A strong data governance program allows decision-makers to be confident that their information is reliable and up to date. It also provides a structure for identifying errors and making corrections as soon as data management issues arise. Greater collaboration. Without standards and quality controls, different departments are essentially speaking different languages and cannot share information fluently. An effective data governance program breaks down barriers to collaboration by initiating a conversation between representatives from different functional areas about how to best use and manage data. This cross-functional communication helps eliminate the misinterpretations that occur when different business units make assumptions about data that different groups capture, contribute, and share with the enterprise. Representatives from different business groups should work within the data governance model to address issues such as accuracy, accessibility, integrity, timeliness, redundancy, consistency, privacy, and completeness. Making the business case for data governance The business advantages of data management programs are clear; nonetheless, these programs do not drive an appreciable immediate impact to an organization s bottom line. But although data management programs alone don t deliver revenue, they create a framework in which companies can realize more value and discover cost-cutting opportunities from one of their most important assets data. Accordingly, many organizations find it difficult to calculate a precise return on investment (ROI) from their data governance initiatives. Other organizations face additional difficulties because they integrate data governance programs into larger IT projects, making it difficult to determine a separate ROI. 5 PricewaterhouseCoopers
In PwC s experience, data governance programs rarely yield a short-term ROI, but they provide significant, sustainable long-term benefits. As your company evaluates the value of data governance, it may be useful to consider the following questions: How many complex and duplicated systems could be removed if master data were managed centrally? How much more responsive would your business be if it could focus on making decisions based on accurate data instead of looking for the right data? How much more of an opportunity to cross-sell or up-sell would exist if your business had access to a 360-degree view of customer data? How much time and effort would be saved if resources were dependent less on manual data cleanup? Your company should also consider how data governance aligns to business strategy. By associating data governance with one or more of your company s goals specifically, goals related to increasing revenue or reducing costs you will showcase the value of data governance and build a stronger business case. As your data governance implementation team begins evaluating the size and scope of its mission, a clear understanding of the organization s business strategy will be a valuable guide for setting priorities and defining issues. The team should seek to address the challenges that promise the greatest business benefit and aggressively manage the process so that everyone remains focused on the most critical data domains. If the project for any single data domain takes more than eight months to complete, the scope is probably too wide and should be reevaluated. Your organization should not be limited to addressing one data domain at a time: In fact, if resources permit, the team may wish to handle several domains concurrently. 6 PricewaterhouseCoopers
The first steps toward data governance Organizations often stumble when they attempt to take on too many projects at once; what is known as boiling the ocean. To combat this syndrome, PwC suggests organizations phase in their data governance programs, communicating their successes along the way. A solid data governance program must be adopted at the enterprise level. Because of the broad nature of the elements involved in data governance setting standards, policies, technologies it rarely makes sense for individual departments to implement their own data governance models. Successful data governance programs rarely exist in silos. Creating an efficient data governance program is as much an exercise in change management as it is in data management. Tell employees why change is needed, demonstrate the benefits of data governance, and allow them to see and share in successes. Data Strategy Accountablity and Ownership Communication and Training Plan Data Governance Policies, Procedures, Standards Monitoring, KPI Metrics Data Governance Management Process Definitions, Business Rules, Data Quality Source: PricewaterhouseCoopers 7 PricewaterhouseCoopers
Assess the current state of data management Athletes begin training by assessing their capabilities: they measure their performance, compare themselves against leaders in their sport, and identify the challenges that prevent them from meeting their goals. Similarly, the first step in designing a comprehensive, effective data governance program is to understand your company s existing data management rules, polices, and procedures. Without this assessment, it is difficult to know how mature your data governance model already is, and what it needs to build a highly efficient program. Data management maturity model Initial Data and information generally unmanaged or does not warrant management as a key data asset. Repeatable Data and information managed at minimum level required for maintaining reliability. Data assets produce limited business benefits. Defined Data and information actively managed under a moderate level of control. Data assets deliver aboveaverage benefits. Managed Data and information actively managed, with a strong level of control. Most potential benefits realized. Optimized Data and information actively managed using best-in-class controls. Full business potential of information assets realized. Source: PricewaterhouseCoopers Global Best Practices 8 PricewaterhouseCoopers
During this process, your organization needs to analyze its data activities in two distinct areas: first, it needs to understand how information is used and consumed throughout the company, and, secondly, how data is collected and how its quality is ensured. These questions will help the assessment: What do your stakeholders think? Poll your business users to understand how data issues affect the way they work. For example: Do reports deliver the desired results? Do people spend too much time cleaning data or tracking down information? Are marketing campaigns less efficient than they could be because customer information is inaccurate or incomplete? By polling your business community, you can identify their needs and priorities. Make sure to poll across a wide representation of staff that receive or contribute data. How does data flow through your organization? It is imperative to understand the complete lifecycle of data, from the sources that collect and create data, to the systems that analyze it into useful information, then to the finished reports that people rely on. Look at all parts of this lifecycle, including: Suppliers: Understand the internal organization and external suppliers that provide information. Inputs and sources: Understand how data flows by identifying the people and systems that input, supply, and create information for your enterprise. This effort will produce a catalog that shows where data resides. This will increase your understanding of duplicative areas and knowledge of business representatives that need to be involved in the data governance program. Processes: Understand how data flows throughout your systems from source to output. Outputs: Know how data is transformed into information, and how that information is published and distributed in reports, live dashboards, intranet sources, or other outputs. Compare that process to your desired outcome to identify gaps to help you respond to concerns that arise when data does not meet business objectives. Customers: Assess the needs of the decision-makers that will use the data to pursue business objectives. 9 PricewaterhouseCoopers
Design and agree on the data governance organization structure Once you have a deeper understanding of your company s data management capabilities and challenges, you should create an internal organization to oversee data governance. This data governance council will need defined roles, responsibilities, executive sponsors, data stewards, and technology experts. It will be responsible for formulating stewardship policies for data management, and should report progress directly to the C-suite and the board of directors. Data governance councils should be designed to best address your company s specific needs. Here are some questions to consider when designing your council: How are members in the data governance council identified? The data governance council should include key decision-makers and encompass representatives from across your entire organization. Make sure there is at least one representative from each division or business unit. How do we affirm that data is managed across the enterprise rather than in silos? Data stewards will be responsible for managing your data. Therefore, it is important to select data stewards who understand the importance of enterprise-wide data management. How are data stewards selected? Identify the subject areas that require monitoring, such as customer data, employee records, contract information, etc. Depending on the complexity of data, you might need more than one data steward for each subject area. Once subject areas are identified, break them down into global and local categories. This will require two levels of data stewards: those responsible for global data, and those that manage local data. 10 PricewaterhouseCoopers
Develop a data governance strategy or action plan Create a vision for the future and understand the steps needed to realize it. The data governance council leader must create a roadmap for addressing relevant data management gaps. Additionally, they should manage progress and report to senior management to validate the results. Based on the current assessment, the data governance strategy will help formulate an action plan that recognizes opportunities for improvement. The plan should include, but not be limited to, projects such as: Creating a data governance policy Calibrating the process for creating and changing data Implementing a data quality program that defines data and metadata Assessing the quality of data and defining metrics and business rules Constantly look for improvement Data governance is not a one-time exercise, but an ongoing effort that requires monitoring and maintenance. To be successful, your initiatives should be re-evaluated continually. Your data governance program should include these elements: Continual monitoring, maintenance, and review Effective communication between IT, other business units, and data stakeholders Documentation and communication of changes, issues, and tasks Compliance with all data business and process rules and requirements 11 PricewaterhouseCoopers
In addition, your organization should promote data governance education and awareness throughout the enterprise. It should document effective data governance practices that you can share to help duplicate successes. The steps discussed above will lay the groundwork for initiating a future state data governance framework within your organization. Managing security Security should be one of main objectives of your organization s data governance strategy. Information has become increasingly portable and accessible, which benefits the collaborative business environment yet increases the risk that data will be lost, misused, or compromised. Data breaches can lead to substantial fines, lawsuits, and damage to a brand s reputation. These security risks illustrate the importance of strong data governance programs that incorporate data security. Senior executives should understand the value of these initiatives, because CEOs and CFOs may be held responsible for infractions of records and information management regulations. Your organization s data governance strategy and security management activities should align. Both initiatives will recognize that data and information are one of your company s most important assets and should be protected and leveraged to achieve business objectives. Both initiatives must also recognize that high-performing technology and knowledgably crafted policies are useless if employees are careless with enterprise data, share passwords, take home laptops filled with sensitive data, or do not input data so that it can be processed and shared with the organization. Data governance and security management must not fail to address people and cultural change. 12 PricewaterhouseCoopers
As your company assesses its data risks, it should consider the following: Embrace a strategic approach to security management: Just like with data governance, data security should be approached as an enterprise-wide initiative. Senior executives must sponsor security efforts. Some organizations will create security councils, drawing representatives from different functions, to oversee information security programs. Deliver a high-performance security program: Forward-thinking companies anticipate security challenges and then set operating guidelines. This frees the organizations from reacting to perceived threats or making ad-hoc decisions. To create a high-performance security program, the security professionals in your organization will need to break down barriers to cultivate working relationships with managers in other business units. Protect information with technology and controls: Protecting technology in all of its forms at all times may be expensive and sometimes infeasible, especially with the widespread adoption of distributed systems, third-party service providers, and direct customer communications. Therefore, some companies protect information by securing access, controlling user access, and adopting multilayered technologies. Look beyond technology: Complement your investment in security technology with employee training and awareness campaigns that help establish and maintain a high-performing security environment. These efforts may complement your organization s data governance training and awareness campaigns. 13 PricewaterhouseCoopers
What this means for your business Data is a valuable corporate asset, yet many companies fail to realize its full business value. Data governance creates an environment where companies can leverage their data quickly and efficiently to respond to challenges and opportunities posed by the market. A sound data governance program provides formal policies, standards, and oversight that enable decision-makers to receive the accurate, timely information they need to achieve business objectives. Whether your company is exploring the benefits of a data governance program or has already embraced data governance and is looking to refine its efforts, the concepts and methodology described in this document will prove helpful. 14 PricewaterhouseCoopers
Contacts To have a deeper conversation about how data governance may affect your business, please contact: Steve Cranford 410-271-6305 steve.cranford@us.pwc.com Marisol Gonzalez 973-236-5483 marisol.r.gonzalez@us.pwc.com John Benge 973-236-5380 john.c.benge@us.pwc.com Gerard Verweij 617-530-7015 gerard.verweij@us.pwc.com David Patton 267-330-2653 david.s.patton@us.pwc.com Sal Passariello 973-236-4308 salvatore.passariello@us.pwc.com Kenneth J. Campbell 973-236-4737 kenneth.j.campbell@us.pwc.com Hema Kadali 973-236-4126 hema.kadali@us.pwc.com 15 PricewaterhouseCoopers
pwc.com 2009 PricewaterhouseCoopers LLP. All rights reserved. PricewaterhouseCoopers refers to PricewaterhouseCoopers LLP, a Delaware limited liability partnership, or, as the context requires, the PricewaterhouseCoopers global network or other member firms of the network, each of which is a separate and independent legal entity. This document is for general information purposes only, and should not be used as a substitute for consultation with professional advisors. BS 10-0283 1110 JC